Changes in detail
... and again improved Radars
Standards Radar for Responders
A short while ago we enabled Responder reports on Assessments. These show each Assessment Responder individually the expected and their actual maturity given their Assessment answers via our eye-pleasing Radar Diagrams. So far we only offered the Topic Radars for this. Now we added the Standards Radars as well. This is a big deal as Responders now can easily find out how compliant their answers are with international standards and regulations, such as GDPR, ISO 27001 and around 30 others supported by the Alyne Library.
Our Radars bend time: You can see the compliance status in the Radars always given the newest Standards and Regulations in the Alyne Library - no matter when the Assessment was completed.
Alphabetically Sorted Radars
As a goodie, we also managed to sort the Radar axes alphabetically clockwise. Even if you choose exotic custom Standards or Topics/Subtopics it should work fine.
Realtime Access Control
Leveraging the Alyne realtime technology, access can be revoked from a currently logged in user in realtime, i.e. under a second. This is active for when you promote or demote a user or of course when you remove/lock a user in your Alyne organisation.
Typical access control regulations requires access revocation within 24 hours. Our solution is the theoretically and practically fastest way of revoking access.
Configurable Session Timeout
In addition to our exisiting access controls on the Alyne platform such as
- enforced password policy
- access federation with ADFS, SAML, IdP-initiated SSO
- multi-factor authentication
- short-lived tokens - the higher the sensitivity of the data, the shorter the token life span
- realtime access control
Silently session inactivity timeouts have been implemented for a long time in our platform, but now every customer can set it on their own while the minimum is 30 minutes. So if you are logged in to Alyne and you don't touch anything for let's say 30 minutes, you are logged out automatically. Normally your computer should be anyway configured like this, but you never know ...
We were to greedy while parsing email addresses for user invitations and Assessment recipients that led to hickups in starting an Assessment in rare cases. #regexftw
Tasks could be theoretically be delegated to locked users. That made no sense.
We improved the mobile version of the Risk Management
Photocredit: markusspiske / photocase.de